漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Magento LTS: Reflected XSS - Import -> Data Flow (profiles)
Vulnerability Description
Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, there is a reflected XSS vulnerability under admin panel -> System -> Import/Export -> Dataflow - Profiles. This vulnerability is fixed in 20.18.0.
CVSS Information
N/A
Vulnerability Type
替代XSS语法转义处理不恰当
Vulnerability Title
magento-lts 安全漏洞
Vulnerability Description
magento-lts是OpenMage开源的一个用于Magento CE官方版本的可靠替代品。 magento-lts 20.18.0之前版本存在安全漏洞,该漏洞源于管理面板系统导入导出数据流配置文件存在反射型跨站脚本漏洞。
CVSS Information
N/A
Vulnerability Type
N/A